[JBoss-user] [Security & JAAS/JBoss] - UndeclaredThrowableException on client when recevieng Faile

Thu, 14 Jul 2005 05:56:25 -0700 

When my client tries to access a secured EJB with wrong  credentials, the 
server throws a FailedLoginException as expected. But then the client  throws  
UndeclaredThrowableException, because the method signature doesn't know 
anything about LoginException.  

>From my  point of view, the container has to wrap the LoginException into a 
>RuntimeException,
but it seems it does not.  In the EJB 2.1 spec:
"21.6.9 Runtime Security Enforcement
[..]
11/12/03 490 If the container denies a client access to a business method, the 
container must throw the java.rmi.RemoteException (or its sub class, the 
java.rmi.AccessException) to the client if the client is a remote client, or 
the javax.ejb.EJBException (or its subclass, the 
javax.ejb.AccessLocalException) if the client is a local client.
"
System is JBoss-4.0.2 on Linux, with CustomLoginModule  extends 
UsernamePasswordLoginModule


Best regards
Michael

Example StackTrace:


java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:324)
        at 
de.schlund.shop3.util.ServiceLocator.createEJBObject(ServiceLocator.java:90)
        at 
de.schlund.shop3.util.ServiceLocator.createEJBObject(ServiceLocator.java:69)
        at de.schlund.shop3.proxy.UserProxy.getRemote(UserProxy.java:44)
        at de.schlund.shop3.proxy.UserProxy.getRoles(UserProxy.java:56)
        at de.schlund.shop3config.login.LoginHelper.login(LoginHelper.java:27)

...

Caused by: java.lang.reflect.UndeclaredThrowableException
        at $Proxy1.create(Unknown Source)
        ... 50 more
Caused by: javax.security.auth.login.FailedLoginException: Password 
Incorrect/Password Required
        at 
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:166)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3884837#3884837

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3884837


-------------------------------------------------------
This SF.Net email is sponsored by the 'Do More With Dual!' webinar happening
July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual
core and dual graphics technology at this free one hour event hosted by HP,
AMD, and NVIDIA.  To register visit http://www.hp.com/go/dualwebinar
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to